Jump to main content
RICOH
Global
| Contact | Site Map | Search
HomeAbout RicohProducts & SolutionsSupportDownloadsInvestorsEnvironment
About Ricoh > Information Security > Focal Actions and the State of Implementation
[Incident Report]
Information Security
* Message from the President
* An Overview
Focal Actions and the State of Implementation
* ISMS Certification
* RFG ISMeasures
* Study on Information Security in Japan and Overseas
* Promoting Internal Control
* Internal IT Security Investments and Measures
* Business Continuity Plan and Related Undertakings
* Incident Report
* Information Security-Related Actions in Fiscal 2008
* ISMSs in Action
* Values Ricoh Delivers
*

Main Content

Incident Report
Undertakings Aimed at the Prevention of Information Leaks and Recurrences

In April 2007, customer information of a Group company was leaked externally from a computer belonging to an employee of that Group company via the file exchange software Winny. This section explains the measures Ricoh has taken to prevent a recurrence.

Actions Following the Incidents
As reported in the fiscal 2007 edition of the Information Security Report, Ricoh promptly apologized, gave an explanation to the customers affected by the incident, and proceeded to analyze causes of the incident and administer emergency actions.
In addition, measures were taken individually upon consultation with the customers so as not to inconvenience them any further as a result of the data leak.

Measures for the Prevention of Recurrences
Ricoh dispatched auditors from its security administration to the Group company responsible for the incident and audits were made to determine whether actions to prevent any recurrence were consistently carried out. In addition, The Ricoh Group has also implemented the following measures to prevent future incidents.

Reiteration of Existing Rules Including Rules Regarding the Removal of Data from the Office

The Ricoh Group ensured that all Group companies were fully aware of this incident and that they renewed their commitment to enforce existing rules.

Increased Awareness through Security Education

Through educational programs, managers and employees are reminded of the risk of information leaks caused by taking confidential data out of the office and the risk of data leaks to the Internet via file exchange software. Security education is also administered to raise security awareness.

Stronger Security for Client PCs

In addition to the uniform management governing the taking out of mobile PCs, assessments of thin client environments began in fiscal 2007. Mobile PCs will be replaced in stages beginning fiscal 2008.

Common Procedures for Incident Reporting

To address an incident promptly and properly, common reporting procedures applicable to the entire Group were set up. The Group is thoroughly committed to the prevention and the recurrence of similar incidents.
* Business Continuity Plan and Related Undertakings * Information Security-Related Actions in Fiscal 2008


*To Top
 

INFORMATION SECURITY REPORT 2008
INFORMATION SECURITY REPORT 2008

PDF download PDF download




| Accessibility features | Privacy | Terms of Use | Copyright (C) 1999-2009 Ricoh Co., Ltd. All Rights Reserved.